diff --git a/crypto/x509/build.info b/crypto/x509/build.info
index d99fca48fb71b..5c157886ac72a 100644
--- a/crypto/x509/build.info
+++ b/crypto/x509/build.info
@@ -19,7 +19,7 @@ SOURCE[../../libcrypto]=\
         v3_no_rev_avail.c v3_soa_id.c v3_no_ass.c v3_group_ac.c \
         v3_single_use.c v3_ac_tgt.c v3_audit_id.c v3_bacons.c v3_sda.c \
         v3_usernotice.c x_unotice.c x_iserial.c v3_authattid.c v3_iobo.c \
-        v3_aaa.c v3_attrmap.c
+        v3_aaa.c v3_attrmap.c v3_ind_iss.c
 
 IF[{- !$disabled{'deprecated-3.0'} -}]
   SOURCE[../../libcrypto]=x509type.c
diff --git a/crypto/x509/ext_dat.h b/crypto/x509/ext_dat.h
index e6f040c768fa1..6a30cffcaef6a 100644
--- a/crypto/x509/ext_dat.h
+++ b/crypto/x509/ext_dat.h
@@ -44,3 +44,4 @@ extern const X509V3_EXT_METHOD ossl_v3_issued_on_behalf_of;
 extern const X509V3_EXT_METHOD ossl_v3_allowed_attribute_assignments;
 extern const X509V3_EXT_METHOD ossl_v3_attribute_mappings;
 extern const X509V3_EXT_METHOD ossl_v3_holder_name_constraints;
+extern const X509V3_EXT_METHOD ossl_v3_indirect_issuer;
diff --git a/crypto/x509/standard_exts.h b/crypto/x509/standard_exts.h
index 2e8948fa482a5..5178574bb9dd3 100644
--- a/crypto/x509/standard_exts.h
+++ b/crypto/x509/standard_exts.h
@@ -86,7 +86,7 @@ static const X509V3_EXT_METHOD *standard_exts[] = {
     &ossl_v3_soa_identifier,
     &ossl_v3_acc_cert_policies,
     &ossl_v3_acc_priv_policies,
-    // TODO: indirectIssuer
+    &ossl_v3_indirect_issuer,
     &ossl_v3_no_assertion,
     &ossl_v3_issued_on_behalf_of,
     &ossl_v3_single_use,
diff --git a/crypto/x509/v3_ind_iss.c b/crypto/x509/v3_ind_iss.c
new file mode 100644
index 0000000000000..8c5e82a636590
--- /dev/null
+++ b/crypto/x509/v3_ind_iss.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include "internal/cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+#include "ext_dat.h"
+
+static int i2r_INDIRECT_ISSUER(X509V3_EXT_METHOD *method,
+                               void *su, BIO *out,
+                               int indent)
+{
+    return 1;
+}
+
+static void *r2i_INDIRECT_ISSUER(X509V3_EXT_METHOD *method,
+                                 X509V3_CTX *ctx, const char *value)
+{
+    return ASN1_NULL_new();
+}
+
+static char *i2s_INDIRECT_ISSUER(const X509V3_EXT_METHOD *method, void *val)
+{
+    return OPENSSL_strdup("NULL");
+}
+
+static void *s2i_INDIRECT_ISSUER(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str)
+{
+    return ASN1_NULL_new();
+}
+
+const X509V3_EXT_METHOD ossl_v3_indirect_issuer = {
+    NID_indirect_issuer, 0, ASN1_ITEM_ref(ASN1_NULL),
+    0, 0, 0, 0,
+    (X509V3_EXT_I2S)i2s_INDIRECT_ISSUER,
+    (X509V3_EXT_S2I)s2i_INDIRECT_ISSUER,
+    0, 0,
+    (X509V3_EXT_I2R)i2r_INDIRECT_ISSUER,
+    (X509V3_EXT_R2I)r2i_INDIRECT_ISSUER,
+    NULL
+};
diff --git a/test/certs/ext-indirectIssuer.pem b/test/certs/ext-indirectIssuer.pem
new file mode 100644
index 0000000000000..3fbfa6a2e54bb
--- /dev/null
+++ b/test/certs/ext-indirectIssuer.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBhjCCAXKgAwIBAgIDAQIDMAsGCSqGSIb3DQEBBTAAMCIYDzIwMjEwODMxMDIy
+NzM4WhgPMjAyMTA4MzEwMjI3MzhaMAAwggEgMAsGCSqGSIb3DQEBAQOCAQ8AMIIB
+CgKCAQEAtnjLm1ts1hC4fNNt3UnQD9y73bDXgioTyWYSI3ca/KNfuTydjFTEYAmq
+nuGrBOUfgbmH3PRQ0AmpqljgWTb3d3K8H4UFvDWQTPSS21IMjm8oqd19nE5GxWir
+Gu0oDRzhWLHe1RZ7ZrohCPg/1Ocsy47QZuK2laFB0rEmrRWBmEYbDl3/wxf5XfqI
+qpOynJB02thXrTCcTM7Rz1FqCFt/ZVZB5hKY2S+CTdE9OIVKlr4WHMfuvUYeOj06
+GkwLFJHNv2tU+tovI3mYRxUuY4UupkS3MC+Otey7XKm1P+INjWWoegm6iCAt3Vus
+pVz+6pU2xgl3nrAVMQHB4fReQPH0pQIDAQABow0wCzAJBgNVHT0EAgUAMAsGCSqG
+SIb3DQEBBQMBAA==
+-----END CERTIFICATE-----
\ No newline at end of file